Last night my wife and I were watching the Korean version of Designated Survivor: 60 Days. She’d found it on Netflix, and thanks to a friend, in Saudi Arabia of all places, I was introduced to the original and became totally hooked. So we thought we’d give this iteration a shot.
Total aside, but along the “Asian clone TV” vibe, I also discovered Miss Sherlock in the bazillions of channels on Emirates when I was doing a lot of flying earlier in the year. If you’re into Sherlock Homes and have an open mind, it’s well worth the time to watch it.
So anyway, back to Acting President Park of Korea. Like President Kirkland in the original, he’s not really a politician. In fact, he’s MUCH less of a politician than Kirkland. Even worse, he’s an environmental scientist who at one point makes some comment like “trust in data.”
But here he is, now the Acting President of Korea for 60 days according to their constitution, and he’s more than a little lost. The savvy guide is the venerable Chief Secretary who, after taking over the first Cabinet meeting because President Park doesn’t even open his mouth, says that without the trust and support of the Blue House (the Presidential Residence), the remaining officials and the people, he’s gonna get nowhere—even though he’s the Acting President of the country who theoretically has the power.
He then goes on to say, “Once you have trust and support, these are the real keys to power and authority.”
And he’s right…unless you use the only other lever you have that can give you power and authority without trust and support…
Fear.
So here’s a little quiz: on any given day as a security program overall, which lever do we pull the most?
- earning the trust and support of the people in our organizations, or
- scaring the shit out of them about clicking links, APTs and ransomware…and…and…and…
My guess is that the fear lever is polished all bright and shiny, and the trust and support one is still “factory fresh,” or at least, it still has the original coat of paint.
The thing about fear is that you become acclimated to living in fear, and then it becomes less and less effective. In order for it to work, you’ve gotta keep ratcheting it up a few notches all the time so people have something *new* to worry about.
Now, for all the people in security who hate FUD and say we shouldn’t use it, I say you’re right. However, we’ve just gotten more subtle about it, and it’s still a fairly frequent tool in our toolbox.
What we really need to be working on is developing our support muscles so that we achieve the trust of the people in our organization. This is the key to respect, and respect is really our endgame.
But we’re a long way from it in far too many of the organizations I talk to every week.
So how do you build that trust and demonstrate that support?
There’s only one way: from the perspective of the customer’s world.
We have to understand their world, what they’re doing and why they care about it. And we have to get really, really good at anticipating *their* needs based on what we know.
Because if we can anticipate their needs, then we give them happy surprises instead of heart attacks and high blood pressure when we tell them “no” all the time.
How do we do that?
The best way I’ve found in 25 years of getting paid to solve problems is the subject of the August edition of the new Security Sanity™ paid newsletter.
But you only get it if you go to this link and subscribe before the end of the month.
Here’s the thing, if you haven’t read the free sample I sent out to you…
…or if you HAVE read it, but you haven’t used it to do something about the organizational structure of your security team..
Then please, don’t subscribe. Save your $3.20 a day the subscription costs, and go buy yourself an extra couple of shots in your Starbucks. It’ll probably give you more value.
However, if you have read it – and taken some kind of concrete action with what’s inside – then, you’re going to get more tangible goodness that you can use to start building that trust and support with your customers and your teams in the August issue.
Just don’t wait too long.
Stay safe,
ast
—
Andrew S. Townley
Archistry Chief Executive
P.S. Here’s something you can do if you liked today’s post: you can sign up for those daily emails that annoying pop-up keeps asking you about. Or, if you want to know more about what you’re going to get if you do and how it works, then just go knock on the front door: https://archistry.com and you’ll get the whole deal.
Or…you can just keep reading the blog, or ignore me and Archistry all together. I’m good either way.
